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(57) Abstract: A system for preventing intrusion in communication traffic with a set (130) of machines in a network includes a 
data base (415> having stored therein patterns representative of forbidden communication endlies as well a firewall module (4P a ) 
configured for blocking forbidden communication endues in the traffic as identified by respective patterns included in the data base 
(415). The system further includes another data base (416) having stored therein patterns representative of allowed communication 
entities for communication with said set of machines (130) and a test system (420) including test facilities (421) replicatinc the 
machines in said set ( 1 30). A communication module (4 1 0) is provided configured for allowing (4 1 1 b ) communication of allowed 
commumcalion cnUUcs as identified by respective patterns included in the other data base (416). Unknown communication entities 
as identified by rcspecuve unknown patterns not included in either of said data base (415) and said further data base (416) are di 
reeled (41 Id) to the test system (420) and ran on the lest facilities (421) therein to detect possible adverse effects of such unknown 
communication entities on the test system. The system is further configured so that: i) in the presence of an adverse effect, the 
unknown communication entity leading to the adverse cfTect is blocked by the firewall module (412a), and ii) in the absence of an 
adverse effect, communication of the unknown communication entity failing to lead to said adverse effect is allowed. 
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